Because of the increasing illegitimate use of phone calls, there is an urgent need to authenticate calls that come to one's telephone, as well as the callers making the calls. One type of such illegitimate activity includes illicit telemarketers making calls they are not authorized to make. To remedy this problem, caller ID blocking applications have been developed, which use caller ID to validate the entities making incoming calls. However, such applications are not effective when a caller spoofs another entity's telephone number, thus causing the recipient's caller ID to display a telephone number different from the actual originating phone number. In view of the spoofing problem, caller ID blocking applications may lead to a high number of false positives (e.g., a legitimate bank's number gets blocked when an attacker has been spoofing its phone number) as well as a high number of false negatives (e.g., spoofers' calls are not getting blocked, if they are spoofing numbers on a whitelist).
In view of the foregoing, there is a need to not only verify that the telephone number obtained through caller ID belongs to a safe entity, but also that the incoming call was in fact made by that entity.